CVE-2003-1469

ColdFusion MX - Unauthenticated Sensitive Information Exposure via CFIDE/probe.cfm

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1469. PoCs published by Network Intelligence.

AI-analyzed exploit summary This is a writeup describing a path disclosure vulnerability in Macromedia ColdFusion MX. The vulnerability is triggered by accessing a specific URL, which returns an error message containing the full path of the ColdFusion installation.

Description

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Network Intelligence · textwebappscfm
https://www.exploit-db.com/exploits/22544

This is a writeup describing a path disclosure vulnerability in Macromedia ColdFusion MX. The vulnerability is triggered by accessing a specific URL, which returns an error message containing the full path of the ColdFusion installation.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Macromedia ColdFusion MX
No auth needed
Prerequisites: Network access to the target server
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/319867
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11879
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/7443
Various Sources x_refsource_misc
http://www.nii.co.in/vuln/pdmac.html
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3307

Scores

EPSS 0.0672
EPSS Percentile 93.2%

Details

CWE
CWE-200
Status published
Products (3)
macromedia/coldfusion (2 CPE variants)
macromedia/coldfusion 6.0
macromedia/coldfusion_professional
Published Dec 31, 2003
Tracked Since Feb 18, 2026